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Abstract 

The algebraic A-calculus [i^ and the linear-algebraic A-calculus Q extend the A-calculus with the possibility 
of making arbitrary linear combinations of A-calculus terms (preserving ^ a^.ti). In this paper we provide 
a fine-grained, System F -like type system for the linear-algebraic A-calculus (Lineal). We show that this 
scalar type system enjoys both the subject-reduction property and the strong-normalisation property, which 
constitute our main technical results. The latter yields a significant simplification of the linear-algebraic 
A-calculus itself, by removing the need for some restrictions in its reduction rules - and thus leaving it more 
intuitive. But the more important, original feature of this scalar type system is that it keeps track of 'the 
amount of a type' that this present in each term. As an example, we show how to use this type system in 
order to guarantee the well-definiteness of probabilistic functions aj = 1) - thereby specializing Lineal 
into a probabilistic, higher-order A-calculus. Finally we begin to investigate the logic induced by the scalar 
type system, and prove a no-cloning theorem expressed solely in terms of the possible proof methods in this 
logic. We discuss the potential connections with Linear Logic and Quantum Computation. 

Keywords: Probabilistic calculus. Quantum logic. Linear logic 



1. Introduction 

(Linear-) Algebraic A-calculi. A number of recent works seek to endow the A-calculus with a vector space 
structure. This agenda has emerged simultaneously in two different contexts. 

• The exponential-free fragment of Linear Logic is a logic of resources where the propositions themselves 
stand for those resources - and hence cannot be discarded nor copied. When seeking to find models of 
this logic, one obtains a particular family of vector spaces and differentiable functions over these. It is 
by trying to capture back these mathematical structures into a programming language that Ehrhard 
and Regnier have defined the differential X- calculus [l6| . which has an intriguing differential operator 
as a built-in prim itive, and some notion of module of the A-calculus terms, over the natural numbers. 
Lately Vaux [40| has focused his attention on a 'differential A-calculus without differential operator', 
extending the module to finitely splitting positive real numbers. He obtained a confluence result in 
this case, which stands even in the u ntyp ed setting. More recent works on this Algebraic X-calculus 



tend to consider arbitrary scalars [15 



• The field of Quantum Computation, considers that computers being physical systems, they may behave 
accordin g to quantum theory. It proves that, if this is the case, novel, more efficient algorithms are 



possible [33|, |22| - which have no classical counterpart. Whilst partly unexplained, it is nevertheless 
clear that the algorithmic speed-up arises by tapping into the parallelism granted to us 'for free' by 
the superposition principle; which states that if t and u are possible states of a system, then so is the 
formal linear combination of them a.t + /3.u (with a and /3 some arbitrary complex numbers, and up 
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to some renornializing factor). The idea of a module of A-terms over an arbitrary scalar field arises 
quite naturally in this context. This was the motivation behind the Linear- algebraic X-calculus by 
Dowek and one of the authors, who obtained a confluence result which holds for arbitrary scalars, and 
again covers the untyped setting. 

These two languages are rather similar: they both merge higher-order computation, be it terminating or 
not, in its simplest and most general form (namely the untyped A-calculus) together with linear algebra 
in its simplest and most general form also (the axioms of vector spaces). In fact they can simulate each 
other [i, 11|. Our starting point will be the second one, also referred to as Lineal in this work: because its 



confluence proof allows arbitrary scalars and because one has to make a choice. 

Other motivations to study (Linear-)Algebraic A-calculi. The two languages are also reminiscent of 
other works in the literature: 

• Algebraic and symbolic computation. The functional style of programming is based on the A-calculus 
together with a number of extensions, so as to make everyday programming more accessible. Hence 
since the birth of functional programming there has been several theoretical studies of extensions of 
the A-calculus in order to account for basic algebra (see for instance Dougherty's algebraic extension 
(isj l for normalising terms of the A-calculus) and other basic programming constructs such as pattern- 
matching, together with the sometimes non-trivial associated type theories (see for instance Petit's 
A-calculus extension and type system (28j with pattern matching). Whilst this was not the original 
motivation behind (linear-) algebraic A-calculi, these languages could still be viewed as just an extension 
of the A-calculus in order to handle operations over vector spaces, and make everyday programming 
more accessible upon them. The main difference in approach is that here the A-calculus is not seen as 
a control structure which sits on top of the vector space data structure, controlling which operations 
to apply and when. Rather, the A-calculus terms themselves can be summed and weighted, hence they 
actually are the basis of the vector space. . . upon which they can also act. 

• Parallel and probabilistic computation. This intertwining of concepts is essential if seeking to represent 
parallel or probabilistic computation as it is the computation itself which must be endowed with a 
vector space structure. The ability to superpose A-calculus terms in that sense takes us back to 
Bouldol's parallel A-calculus and may also be viewed as taking part of a wave of probabilistic 
extensions of calculi, e.g. [ol. [23I [lo|. 

Hence (linear-)algebraic A-calculi can be seen as a platform for various applications, ranging from algebraic 
computation, probabilistic computation, quantum computation and resource-aware computation. 
The existence of a norm in (Linear-) Algebraic A-calculi. We will not be developing any of the 
above-mentioned applications specifically in this paper. In the same way that the theory of vector spaces 
has many applications, but has also got many theoretical refinements that deserve to be studied in their 
own right, we take the view the theory of vector spaces plus A-calculus has got theoretical refinements that 
deserve to be studied in their own right. Moreover, these theoretical refinements are often necessary in 
order to address the applications, as is notoriously the case for instance with the notion of norm. This is 
the case again here, for instance if we want to be able to interpret a linear combination of terms ^a^.t^ 
as a probability distribution, we will need to make sure that it has norm one. The same is true if we want 
to interpret ^a^.t^ as quantum superposition, but with a different norm0. Yet the very definition of a 
norm is difficult in our context: deciding whether a term terminates is undecidable; but these terms produce 
infinities, hence convergence of the norm is undecidable. Related to this precise topic, Vaux has studied 
simply typed algebraic A-calculus, ensuring convergence of the norm [4^. Following his work, Tasson has 
studied some model-theoretic properties of the barycentric (^ = 1) subset of this simply typed calculus 



^Whereas it is clear already that Lineal is a quantum A-calculus, in the sense that any quantum algorithm can be expressed 
in this language 3] , the converse, alas, is not true, in the sense that some programs in Lineal express evolutions which are not 
valid quantum algorithms. This is precisely because Lineal does not restrict its vectors to be normalized and its applications 
to be unitary. 
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[36| . In the process of revising this paper we have also become aware of some just pubhshed work by Ehrhard, 
which proves the convergence of a Taylor series expansion of algebraic A-calculus terms, via a System F 
typing system (l5l |. 

Hence, standard type systems provide part of the solution: they ensure the convergence of (the existence 
of) the norm of a term. And indeed it is no so hard to define a simple extension of System F that fits Lineal 
- just by providing the needed rules to type additions, scalar products and the null vector in some trivial 
manner (see definition [SJ . In this paper we provide a full-blown proof of strong normalisation from this 
type system (see section O. A byproduct of this result is that we are able to remove several conditions that 
were limiting the reduction rules of Lineal^ because their purpose was really to keep indefinite form from 
reducing (such as t — t, with t not normal and hence potentially infinite). This is a significant contribution, 
as it makes Lineal into a simpler language. 

Quantified types for (Linear-)Algebraic A-calculi. Standard type systems only provide a part of the 
solution; they are unable for instance to impose upon the language that any well-typed linear combination 
of terms ^a^.t^ has '^ai = 1. That is unless we provide them with a handle upon these scalars. This is 
the purpose of the scalar type system which is proposed in this paper. Our contribution in this paper is 
indeed a type system which manages to keep track of 'the amount of a type' by summing the amplitudes 
of its contributing terms, and refiects this amount within the type. As an example of its use, we have 
demonstrated that this provides a type system which guarantees well-definiteness of probabilistic functions 
(see section [5]) in the sense that it specializes Lineal into a probabilistic, higher-order A-calculus. This 
example also illustrates how further advances in the theory may help specialize (linear-)algebraic A-calculi 
into more specific-purpose languages, closer to applications ~ each of them requiring its own type system. 
Endowing Lineal with a non-trivial, more informative / fine-grained type system was quite a challenge, as 
the reader will judge. But we believe that fine-grained type theories for these non-deterministic / parallel 
/ probabilistic extensions of calculi, which would capture how many processes are in what class of states, 
with what probability. . . may eventually lead to interesting forms of quantitative logics. In this paper we 
only begin to explore that route, by proving a no-cloning theorem for the scalar logic induced by the scalar 
type system - which echoes a long literature on Linear Logic and Quantum Computation. 

Section [5] presents an overview of the linear-algebraic A-calculus [Lineal) i]. Section [3] presents the 
scalar type system with its grammar, equivalences and inference rules. Section[¥]shows the subject reduction 
property giving consistency to the system. Section[5]shows the strong normalisation property for this system, 
allowing us to lift the above discussed restrictions in the reduction rules. In section |6] we formalise the type 
system V for probabilistic calculi and work out the no-cloning theorem in the logic induced by the scalar 
type system. In Section [7] we present a discussion and future work. Section [5] concludes. 

2. Linear-algebraic A-calculus 

Intuitions. As a language of terms. Lineal is just A-calculus together with the possibility to make 
arbitrary linear combinations of terms (a.t -f /3.u). In terms of operational semantics. Lineal merges higher- 
order computation, be it terminating or not, in its simplest and most general form (the /3-reduction of the 
untyped A-calculus) together with linear algebra in its simplest and most general form also (the oriented 
axioms of vector spaces). Care must be taken, however, when merging these two families of reduction rules. 
For instance the term (Aix ig) x) (a.t -I- /3.u), where ® stands for the usual encoding of the tuple, maybe 
thought of as reducing to (a.t-|-/3.u)(8)(Q;.t-|-/3.u) in a call-by-name-oriented view, or to a.(tCg)t)-|-/?.(u(X)u) 
in a call-by-value-oriented view, also compatible with the view that application should be bilinear (cf. 
Application rules, below) . Leaving both options open would break confluence, the second option was chosen, 
which entails restricting the /3-reduction to terms not containing sums or scalars in head position (cf. Beta 
reduction rule, below). 

Instead introducing vector spaces via an oriented version of their axioms {e.g. a.xi + /3.u — ^ (a -I- /3).u), 
one could have decided to perform the /3-reduction 'modulo equality in the theory of vector spaces' {e.g. 
a.n + /3.U {a + /3).u). But there is a good reason not to do that: It is possible to define fixed point 
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operators 

Y = Ay ((Aa; {y + {x x))) {\x {y + {x x)))) 

and a term b such that (Y b) reduces to b + (Y b) and so on. Modulo equahty over vector spaces, the 
theory would be inconsistent, as the term (Y b) — (Y b) would then be equal to 0, but would also reduce to 
b + (Y b) — (Y b) and hence also be equal to b. Instead, this problem can be fixed by restricting rules such 
as a.u + /3.u (q; + /3).u to terms that cannot reduce forever (cf. Factorization rules, below), matching the 
old intuition that indefinite forms 'c» — cxd' must be left alone. Moreover, oriented axioms of vector spaces 
define vector spaces, and no more than vector spaces, just as well as the original axioms do, as was shown 
in Plus the orientation serves a purpose: it presents the vector in its canonical form. 
Definitions. Consider a first-order language, called the language of scalars, containing at least constants 
and 1 and binary function symbols + and x . Then the language of vectors is a two-sorted language, with 
a sort for vectors and a sort for scalars. The sort for vectors is described by the following term grammar: 

t ::== b I (t t) I I a.t I t -l-t 

h .:= X I Aa; t 

where a has the sort of scalars. Those scalars may themselves be defined by a term grammar, and endowed 
with a term rewrite system (TRS) which is compatible with their basic ring operations (+,*)• Formally it is 
captured in the definition jsl, sec. Ill - def. 1] of a scalar rewrite system, but for our purpose it is sufficient 
to think of them as a ring. We reproduce this definition for completeness. 

Definition 1 (Scalar rewrite system). A scalar rewrite system S is an arbitrary rewrite system defined 
on scalar terms and such that 



iS* is terminating and confluent on closed terms, 
for all closed terms a, /? and 7, the pair of terms 

— + a and a, x a and 0, 1 x a and a, 

— a X (/3 + 7) and (a x /?) + (a x 7), 

— (a -I- /3) -f 7 and a + (/? + 7), a + /3 and l3 + a, 

— (a X /3) X 7 and a x (/? x 7), a x /3 and (3 x a 

have the same normal forms, 

• and 1 are normal terms. 

More importantly there are 16 rewrite rules for vectors, modulo associativity and commutativity, that is an 
AC-rewrite system [2^ . divided in four groups: 

Elementary rules: Factorisation rules: Application rules: Beta reduction: 

u + — ^ u, a.u + /3.U — > (a + /3).u (u + v) w — > (u v) + (u w) (Aa;t) b — > t[b/a;] 

0. u^O, (*), (**), (***). 

1. u — u, a.u 4- u (a -I- l).u w (u + v) ^> (w u) -I- (w v) 

(*), (**), 

a.(/3.u) {a X u + u — J- (1 -f l).u (*). (a.u) v q;.(u v) (*), 

/3).u, V (a.u) ^ a.(v u) (*), 

a.{u -t- v) a.u + u ^ 0, 

a.v. u ^ 0. 

where -I- is an associative-commutative (AC) symbol and 
(*) these rules apply only if u is a closed normal term. 
(**) these rules apply only if u + v is a closed normal term. 
(***) the rule apply only when b is a base term. 

Restriction (***) is the one that limits the beta reduction, whereas restrictions (*) and (**) are those 
that avoid confluence problems related to infinities and indefinite forms, as discussed above. 
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3. The Scalar Type System 

We now introduce our scalar type system for Lineal. 

The language of types is defined by the following abstract grammar: 

T = U\ yX.T \a.T\0 

U = X\U^T\ ^X.U 

where a e «S and (<S, +, x) is any commutative ring. Notice that the grammar for U, which we call unit 
types, does not allow for scalars except to the right of an arrow. Notice also the novelty of having scalars 
weighting the amount of a type. 

We also define an equivalence between types as follows: 

Definition 2. Let a,P & S and T We define the type equivalence = to be the least congruence such 
that 

• •O.T = • l.T = T • a.{l3.T) = {a x I3).T • VX.a.T = a.yX.T 

and extend this definition to equivalence between sequents in the following way: [T \- t:T = T \- t: S] 'If^ 
[T^S]. 

Splitting the grammar into general types and unit types is a necessary consequence of the fact that we 
want scalars in the types to reflect scalars in the terms (e.g a.Xxt should have the type a.U). Indeed if we 
did not have the restriction on the left side of an arrow being a unit type, i.e. U ^ T, then we would have 
things like (a.X) — > X, which a priori do not make sense, because abstractions receive only base terms as 
arguments. This can be fixed by adding the equivalence {a. A) B = a.{A ^ B), making sure that a is 
non-zero. But still we would need to keep the E rule restricted to having a unit type on the left of the 
arrow, otherwise we break the required correspondence between scalars-in- types and scalars-in-terms, e.g.: 

\- a.Xxx:{a.T) \-t:a.T 

noticing that [a.Xx x) t — >■* a.t 

^{a.\xx)t:T 

Regarding typing rules, as we just said, we want the scalars in the types to represent those in the terms. 
Hence we want a rule as follows: 

ri-u:T 

al 

r h a.n-.a.T 

We need also need to take care of sums of terms: 

rhu:n.r rhv:.J.r 
+/ 

Vh\x + w:{a + p).T 

The term should have type O.T for any type, as it is the result of, for example, terms like t— t. Equivalences 
between types also give us O.T = 0, so we add this as an axiom: 



Finally, let us go back to the application. The standard rule — >■ E needs to be made consistent with the 
extra rules for application that we haveapart from beta reduction; namely the Application rules: 

1. (u + v) w — >■ (u v) + (u w) 

2. w (u + v) — > (w u) + (w v) 

3. (a.u) v — !> q:.(u v) 

4. V (a.u) — ;> a.(v u) 

5. u 
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6. u ^ 

Notice that the terms u and v in rules [T] and [5] must now have the same type (up to a scalar), so the type 
of u + V is analogous to the type of a.u in rules [3] and |4l Also, the type for in rules [5] and [6] is the same 
as the type of O.u. So we can focus our discussion on rules [3] and |4l 
By rule [21 we must have: 

rhu:a.(J7^T) rhv:C/ 



By rule |31 we must have: 



r h u v.a.T 



rhu v:/3.T 

By combining these two we obtain: 

rhu:a.(C/^r) rhv:/3.C/ 



E 



T'r uv.ax (3.T 

The complete set of typing rules is therefore System F with the changes and additions discussed above: 

ax rht:T T^S _ 

T,x:Uhx:U Fht'S* 

Thu:a.{U ^T) Thv./S.U T,x:Uht:T 

> E y I[U] 

rh(uv):(ax^).r TV^Xxt-.U^T 

ri-u:VX.T rhu-T 

■ "iElX := U] V/[X] with X i FV{V) 



rhu:r[C//X] rhu:VX.T 

rhu:a.r ri-v:;9.r ri-u:T 

7^ "^0 VI s/[a] 



r^0:0 rhu + v:(a + /3).T rha.u:a.T 

Where U and Name[Cond] represents a family of rules; one for each condition. Moreover, FV designates 
the set of free variables of a type, defined in the usual manner. 

This fully specifies our scalar type system for Lineal. Notice that the scalars within the types reflect 
those of the contributing terms. The major part of our work will consist in proving properties about the 
system, such as subject reduction and strong normalisation. 



4. Subject reduction 

The following theorem ensures that typing is preserved by reduction, making our type system consistent. 
Having such a property is part of the basic requirements for a type system. 

Theorem 1 (Subject Reduction). Let t t' . Then T h t:T ^ T h t' -.T 

The proof of this theorem is quite long and non-trivial. This is the main technical contribution of the 
paper. In case the reader is not interested by the technical details, he may skip the remaining of this section 
and continue directly in section [5] 

4.I. Preliminary lemmas 

In order to prove this theorem, we need several auxiliary lemmas standing for general properties of our 
system. We have tried to provide an intuition of every lemma so as to make it easier to follow. Also, we 
divided them in four groups, reflecting the nature of their statement. 
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4- 1.1. Lemmas about types 

The lemmas in this sub-subsection are statements about the properties of the types themselves, i.e. their 
equivalences. 

It is not so hard to see that every type is equivalent to a scalar multiplied by a unit type {i.e. a type in 
U). Even a type in U can always be multiplied by 1. 

Lemma 1 (a unit). eT, 3U eU,a eS s.t. T = a.U . 

Proof. See appendix [Appendix A| 

This first lemma should not be misinterpreted however: this does not mean to say that any scalar 
appearing within a type can be factored out of the type. For example even a simple unit type X — > a.X is 
not equivalent io a.{X ^ X). 

The following just says that when two types are equivalent, then the outer left scalars are the same: 

Lemma 2 (Unit does not add scalars). \/U,U' G U, ^a, /3 £ S, if a.U = (3.U' then a — (3 and, if 
a ^ 0, then U = U' . 

Proof. See appendix [Appendix B[ 

Several of the following lemmas will be proved by induction on the size of the derivation tree, so, we 
need to formally define what we mean by size. In our definition we count the depth of the tree, but ignoring 
any application of an equivalence rule: 

Definition 3. We define the size of a derivation tree inductively as follows 

^^A 

= size S' = max{size(7ri), size(7r2)} + 1 

where iti,tt2 are derivation trees, 5" is a sequent, R and R' are type inference rules, and S = 5'. Often 
we denote by Sn a sequent that can be derived with a proof of size n. 

We will also need a concept of order between types. Without actually making a subtyping theory, we 
can define a partial order relation between types following [^: 

Definition 4. 

1. Write A> Bit either B = WX.A or A = yX.C and B = C[U/X] for some U eU. 

2. > is the reflexive and transitive closure of >. 

Remark 1. This definition of an order is quite intuitive. The idea is that types in the numerator of 

rht:A Tht-.yx.c 

■ V/ with X i FV{Y) or — - \1E 




rht:VX.A ' ' YVt:G\UlX\ 

are greater than the types in the denominator, hence if t is of a greater type, it must also be of the lesser 
type. 

Notice that scalars do not interfere with the order, as stated by the following lemma: 

Lemma 3 (Scalars keep order). T >T' ^ a.T > a.T' . 

Proof. See appendix [Appendix C| 

The following lemma states that if two arrow types are ordered, then they are equivalent up to some 
substitution. 

Lemma 4 (Arrovi^s comparison). V R>U ^ 3W, X / U ^ T = {V ^ R)[W / X] 
Proof. See appendix [Appendix D[ 
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4- 1.2. Classic lemmas 

The lemmas in this subsection are the classic ones, which appear in most subject reduction proofs. 
As a pruned version of a subtyping system, we can prove the subtyping rule: 

Lemma 5 (Order typing). Let A > B and suppose no free type variable in A occurs in T. Then 

r \- u-.A^r h u:B 

Proof, cf. 01. 

Proving subject reduction means proving that each reduction rule preserves the type. The way to do 
this is to go in the direction opposite to the reduction rule, i.e. to study the reduct so as to understand 
where it may come from, decomposing the redex in its basic constituents. Generation lemmas accomplish 
that purpose. 

We will need four generation lemmas: the two classical ones, for applications (lemma 15]) and for abstrac- 
tions (lemma [7]) and two new ones for the algebraic rules, one for products by scalars (lemma and one 
for sums (lemma [S]). 

Lemma 6 (Generation lemma (app)). Let S'„ = P h (n : j.B. Then 3a, (3 £ S,r, s E No, U ElA and 

B' eT s.t. 

' Sr = VV- v.a.U 

Ss=Th- u-.p.U B' 
< B' > B 
7 = a X /3 
max(r, s) < n 

Proof. Induction over n 

Basic case, n = 1. We enumerate the four possible ways of deriving P h u v: T in a derivation tree of size 
1. Sr and Ss turn out as sub-trees. 

========== ax and = = ax and = 

I T,x:U ^T,y:U h x:l.U T,x:U ^ T,y:U h y.l.U 

r,x:U -^T^y.U h X y.l.T 

===== ax and = ==^= axn and = 

9 T,x:U h x:l.U ^T r,x:U ^ 0:O.U 

T,x:U ^T^ X 0:O.T 

======= axj: and = ==== ax and = 

3 r,y:L/ h O:0.?7 ^ T V,y:UVy:\.U 

P,y:[/ h 2/:0.T 

===== axfr and = = ax-F. and = 

4 PhO:0.C/-!-r P[-0:O.C/ 
>E 

P h 0:O.T 

Inductive cases. The possible cases are 

Phu:^.(f/^B) Phv:a.[/ 

1. i- E This is the trivial case. 

P h u v:(a X pi).B 
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As VX.j.B = j.yX.B, by the induction hypothesis 3a, (3,r, s,U 
Thuv.WX.j.B and B' > \/X.B s.t. Sr = T Y- u:/3.J7 -> B', 5^ = T h v:a.C/, 

' r h u w:'y.B[U/X] a x /3 = 7 and max(r, s) < n - I. As B' > MX.B > B[U/X] then 

by transitivity B' > B[U/X]. 

r h u v: 7.S by the induction hypothesis 3a, /3, r, s, C/ and B' > B s.t. S'^ = T h 



3. ri-uv:VX.7.B u: /S.f/ — B', S'g = F I- v: a.f/, a x /3 = 7 and max(r, s) < n — 1. By 

'■ ^— = definition B > MX.B, so by transitivity B' > MX.B. 

rhu v:7.VXS 

Lemma 7 (Generation lemma (abs)). T \- Xx t:T ^ 3U G and A £ T s.t. r,x:U 1-4:^4 and 

U ^ A>T. 

Proof. Let Sn =T \- \x t:T. Induction over n. 
Basic cases. n=l. 



ax axn 

1 2 T,x:U^x:U 3 r,x:C/hO:0 

ax — >I[U] — ^^I[U\ 

Y,x:U,y:V'^y:V T^\xx:U^U T^XxQ-.U^Q 



V,y:V^ Xx y.U 

Inductive cases. 

T,x:U'rt:A 



T\-Xxt:U ^A 
ri-Aa;t:VX.T 



I[U] 



— > I\JJ] This is the trivial case. 



\/E induction hypothesis 3U, A s.t. T,x:U \- t: A and U ^ A> 



r h Aa; t : T[V/X] VXT > T[VIX]. 
T\-Xx t:T 



V/ by the induction hypothesis 3U, A s.t. V,x:U "rt-.A and U ^ A>T > 



r h Ax t : \/X.T YX.T 

Lemma 8 (Generation lemma (sc)). Let a ^ and S'n = F h a.t: a.T. T/ien 3m < n s.<. S'm = F h 
t:T 

Proof. Induction over n. 
Basic case, n = 1. 



■ ax 



I r,x:Uhx:U 

sl[a\ 

T,x:U h- a.x : a.U 

Then So = T,x:U^x:U. 

= ax^ 

9 r h : 

= sl[a] 

T\-a.O:a.O 

Then 5o=rh 0:0. 

Inductive cases. Looking at the last derivation rule 

Fh a.t : MX.a.B As yX.a.B = a.VX.B, by the induction hypothesis 3m < n - 1 s.t. 
1- r\-a.t:a.B[U/X] S*™ = F h t : WX.B, then by using ME rule, F h t : B[U/X] and notice 

that m<n — l=^»m + l<n. 
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r h a.t:a.B 

V/ by the induction hypothesis 3m < n — 1 s.t. Sm = F h t: S, then by 



2. r h a.t:VX.a.B ^ ^^j^g yj ^.^j^^ p |_ ^ . ^^^^ ^^^^j^^g m<n-l^m + l<n 
r h a.tiQ.VXB ~ 
r h t: A 

a./ This is the trivial case. 



r h a.t:a.A 



Lemma 9 (Generation lemma (sum)). Let S'„ = F h m + v. a. A. Then 35, 7 G 5 and r, s e No s.t. 

S'r = F h m: 5s = F h t): 7. A, (5 + 7 = a and max(r, s) < n. 

Proof. Induction over n. 

Basic cases, n — 1. We enumerate the four possible ways of deriving F h u + v: a. A in a derivation tree 
of size 1. Sr and Ss turn out as sub-trees. 

and = ======= ax and = 



-I T,x:U,y:U x:l.U r,x:U,y:U h y.l.U 
+/ 

T,x:U,y:U ^ x + y:{l + l).U 

===== ax and = =^^^^^== ax-Q and = 



9 r.a;:C/ h F, x: C/ h : O.t/ 

+/ 

F,a;:C/ha; + O:(l + 0).C/ 

===== axjT and = == ax and = 

3_ r,y:C/ h O:0.f/ F, y : h ?/ : l.f/ 

T,y:UhO + y:{0 + l).U 

= axfi and = = axn and = 

4 FhO:0.C/ FhO:0.[/ 

+/ 

FhO + O:(0 + 0).t/ 

Inductive cases. We suppose that any derivation of size n — 1 ofFhu + v: a. A, has the property above. 
Looking at the last derivation rule, the possible cases are 

^ Thu:6.A Fhv:(a-(5).A Then take 7 = a - (5, 5^ = F h u: (5.A, 5^ = F h v: (a - 
Y \- u + V a A S).A and notice that inax(r, s) < n and S + a — S = a. 

As yX.a.B = a.VX.B, by the induction hypothesis 35, 7, r and s 
F h u + viVX.a.B s.t. = F h u.S.'iX.B, Sr = T h w.-f.'iX.B, 5 + 7 = a and 

Vi? max(r, s) < n - 1. Then by using "iE rule, F h u: 5.i?[?7/X] and 



^^^ + ^-a-B[UlX] p ^ v:7.B[i7/X]. So, 5,+i = F h u:5.B[C//X], 5,+i = F h 

w -.^ .B\U / X] and max(r + 1, s + 1) = max(r, s) + 1 < n. 

F h u + v:a.i? by the induction hypothesis 35, 7, r and s s.t. 5^ = F h u:5.i?, 

Fhu + vVXaB^^ S's = F h v.^.B, 5 + 7 = a and max(r, s) < n - 1. Then, by 

3. ^ — = using V/ rule, F h u:VX5.B = and F h v:VX.7.B = 

Fhu + v:a.VX.B 7.VX.B. So, = F h u:5.VX.B, S^s+i = F h v.j.yX.B and 

max(r + 1, s + 1) = max(r, s) + 1 < n. 

The foUowinglemma is quite standard in proofs of subject reduction for System F -like systems, and 
can be found in p, [26| . It ensures than by substituting type variables for types or term variables for terms 
in an adequate manner, the type derived is still valid. 

Lemma 10 (Substitution lemma). 
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1. rhu:T=> r[U/X] h u: T[U/X], with U eU. 

2. r,x:Uh- t:B ATh b:U ^Th- t[b/x]:B, with U eU. 



Proof. 

1. Induction on the derivation of F h u: T. See appendix [Appendix E[ 

2. Induction on the derivation of F. a; : [/ h t : _B. See appendix [Appendix F[ 

The foUowing corollary allows the arrow to be split without needing to consider the order relation: 
Corollary 1 (of lemmal?]). T h Xx t:U ^ T ^ r,x:U h t:T 

Proof. Let T \- Xxt:U ^ T. By lemma H 3V,R such that V ^ R > U ^ T and r,x:V h t: R, then 
by lemma [1 3W,X such that U ^ T = {V ^ R)[W/X] and by lemma [101 (T, x)[W / X]:V[W/ X] h 
t:R[W/X], I.e. T[W/X],x:U ^ t:T. 

Notice that if r[iy/X] = F, then we are finished. In the other case, X appears free on F, however, to 
get U from y — > i? as a type for Aa;t by substitutions, we would need to use the rule VJ, so X cannot 
appear free in F, which constitutes a contradiction. So, T ,x:U \- t:T . 

4-. 1.3. Lemmas about the scalars 

This section contains the lemmas which make statements about the relative behaviour of the scalars 
within terms and within types. 

For example, scalars appearing in the terms must found themselves reflected within the types also. This 
is formalised in following lemma: 

Lemma 11 (Scaling unit). T \- a.t:T ^ 3U e U,'y e S s.t. T = a.j.U 
Proof. Let Sn — L \- a.t: T. Induction over n. 
Basic cases, n = 1. 



■ ax 



1. ^.x-.Uy-x-.U Notice that yu eU,U = l.U. 

si [a\ ' 

T,x:U \- a.x : a.U 

■ axn 



r^0:0 Notice that VJJ G = 0.[/. 

— si [a\ 



F h a.O:a.O 
Inductive cases. The possible cases are 

F h t:yl 

1. sl\a\ By lemmalU 3C/ e Z^,7 e 5 s.t. A = 7.C/. Then a.A = a.7.C/. 

F h a.t -.a.A 

By lemma d 3U elt,5 eS s.t. B = S.U, then B[V/X] = 6.U[V/X] 
and also VX.B = VX.S.U = 6MX.U . In addition, by the induction 
Fha.t:VXS hypothesis 3U' (z U,-i (z S s.t. VXB = a.j.U'. Summarising: 

2- at- B\V/X] "•'T-f^' = S.yX.U. Then, by lemma [1 (5 a x 7, so B[V/X] = 

a.-/.U[V/X]. In addition, by lemmad 3U" eU,<;eS s.t. U[A/X] = 
<?.[/". Then B[A/X] = a.7.<;.[/" = 0.(7 x <;).[/". 

F h a.t : B ^ ^^le induction hypothesis 3U £ U,"/ lE S s.t. B = a.^.U, then 

■ F h a.t:\fX.B VX.B = yX.a.-/.U = a.^/.VX.U. 



A base term can always be given a unit type. 
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Lemma 12 (Base terms in unit). Let b be a base term. Then F h b:T ^ 3U G U s.t. T = U. 



Proof. Induction on the derivation of F h b: T. See appendix [Appendix G| 

By ax-Q is easy to see that has type 0, but also by using equivalences between types it is easy to see 
that VX.O is equivalent to and any T < will also be equivalent to 0. Then: 

Lemma 13 (Type for 0). F h 0: T =^ T = 

Proof. Induction on the derivation of F h 0: 0. See appendix [Appendix H| 

The following theorem is an important one. It says that our scalar type system is polymorphic only in 
the unit types but not in the general types in the sense that even if it is possible to derive two types for 
the same term, the outer left scalar {i.e. scalar in the head position) must remain the same. Its proof is not 
trivial and uses several of the previously defined lemmas. 

Theorem 2 (Uniqueness of scalars). Let U,V eU. Then 

F h t:a.U 
F h t-.p.V 

Proof. Structural induction over t. 

Basic cases. 

1. t = 0. Then by lemma [Tl a = /3 = 0. 

2. t = x. Then by lemma [HI a = /3 = 1. 

3. t = Xxt'. Then by lemma [T^ a = /? = 1. 

Inductive cases. 

1. t = 7.t'. Then by lemmaim 3cr, 5, [/', F', s.t. a.U = 'y.a.U' and I3.V = 'j.S.V. Then by lemma 
[51 F h t' : a.U' and F h t' : S.V' , so by the induction hypothesis a — S. 

In addition, by lemma [H a — j x a and /3 = 7X(5, soq; = 7Xo' = 7X(5 = /3. 

2. t = ti+t2. Then by lemma [HI 371, 72, (5i, ^2 s.t. 

Thti-.ji.U ( Thti-.Si.V 

Fht2:72.t/ < r^t2:S2.V 

71 + 72 = a { 5i + 62 = /3 

Then by the induction hypothesis 71 = Si and 72 = (^2, so a = 71 + 72 = (^i + (52 = /3. 

3. t = (ti ta). Then by lemma[a 371,72,^1,(52, W^,M^',f/' > C/,V"' > y s.t. 

F h ti:7i.VF ^ t/' ( Thti-.Si.W 

Fht2:72.VF I Tht2:S2.W' 

7i X 72 = a { Si X 62 ^ P 

Then by the induction hypothesis 71 = Si and 72 = (52, so a = 71 x 72 = (5i x (52 = /?. 

From this theorem, the uniqueness of comes out, in the sense that no term can have type and some 
other type T which is not equivalent to 0. 

Corollary 2 (Uniqueness of 0) . F h < : ^ VT ^ 0, F 1/ i : T . 
Proof. See appendix [Appendix I[ 
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As has type which is equivalent to O.U for any [/, can still be given as an argument for an 
application, or even be applied to another term. In either case the result will be a term of type 0: 

Lemma 14 (Linearity of 0). 

1. r \- u:T ^ T = 0. 

2. r \- u 0:T ^ T = 0. 

Proof. 

1. Let r h u: T and using lemmafU let T = 7.C/. Then by lemmail 3a, (3, U' and B >U s.t. 

^ = a X (3 
r h 0:/3.C/' ^ B 
r h u:a.U' 

Hence, by corollaryH /S.U' ^ B = = O.U, so by lemmalU /3 = 0, then 7 = a x = 0, so T = 7.C/ = 0. 

2. Analogous to [TJ 

4- 1.4- Subject reduction cases. 

The following three lemmas are in fact cases of subject reduction, however, they will also be necessary 
as lemmas in subsequent proofs. 

Lemma 15 (Product). T h a.{/3.u) -.T ^ T \~ {a x /3).u:T . 

Proof. By lemma fTTl 3U eU,"f eS s.t. T = a.j.U. Then by lemmalU T h l3.u:"f.U. Then by lemma [TT] 
again, 3U' eU,Y eS s.t. j.U = f3.y.U'. Then by lemma[51 F h u:7'.C/', so 

F h u:-v'.U' 

sl[a X /3] 



F h (a X /3).u:(a x .U' 
Notice that (a x /3).7'.[/' = a.p.-y'.U' = a.-f.U = T. 
Lemma 16 (Distributivity). F h a.(n + : T ^ F h a.u + a.v.T 

Proof. Let F h a.(u + v):T. Then by lemma [TTl 3a s.t. T = a. A, so by lemma[Hl T\- u + v.A 
Using the fact that A = l.A, by lemma^l F h u: and F h v: (1 - d).A. Then 

Thu:S.A v:{l-S).A 

si [a] and = ======= si [a] and = 



a.u:{a X 6).A F h a.v: (a x (1 - (5)).yl 

+/ 

F h a.u + a.v: {a x S + a x (1 — (5)). A 

Notice that (a x 5 + a x (1 - S)).A = a. A = T. 

Lemma 17 (Factorisation). F h a.u + (3.u:T ^ F h (a + /3).M:T 

Proof. Let F h a.u + /J.uiT. By lemmalU 3(5,7 e 5 s.t. 

F h a.u:(5.T 
F h ;3.u:7.r 

5 + 7 1 

In addition, by lemma [TJ 3U £ U and a £ S s.t. T = a.U. Then 

F h a.u:S.c7.U 
F h /3.u:7.cr.[/ 

(5 + 7 = 1 
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Then by lemma HH 3(j),ip eS and U',U" eU s.t. 

( S.a.U = a.cjj.U' 
\ -f.a.U EE iS.ifi.U" 

So, by lemma [21 

J 5 X a = a X (j) 
y J X a — l3 X ip 

Cases: 

1. Case <T = 0. Then T = 0, so T h a.u: a.O, so by lemmalU T h u: 0. Then 

r h u:0 

_ slla + B] and = 
rh(a + /3).u:0 

2. Case cr ^ 0, (5 = 0. Then 7 = 1, so T h ;3.u;T = p.ip.U", then by lemmaE T h u:.^.f/", so 

r h u 

======== sl\a + /31 and = 

rh (a + /3).u:((a + /3) x<^).C/" 

As (5 = 0, the possible cases are 

• a = 0, so {{a + ;9) X (^).C/" ee (/3 x (^).f/" ee ct.JJ ee T. 

• a 7^ 0, then F h a.u:0 = a.O, then by lemma [HI F h u:0. 
In addition, as F h /?.u: /3.(p.U", by lemma [51 F h u: (p.U", then by corollary [51 (p.U" = 0, so 
(/3 = 0, and then j = 0, so 5 — 1, which is a contradiction. 

3. Case cr 7^ 0, 7 = 0. Analogously 

4. Case a, /3, </>, (/? not 0. Then by lemma H U = U' = U" 
Then 

F [- a.u: a.(f).U 
F h /3.u:/3.(p.[7 

(5 + 7=1 

Hence by lemma [51 F h u: and F h u: ip.U 
Then by theorem [21 4> = ^ and then 

F h u:0.C/ 

sl[a + p] 

rh {a + f3).u:{a + l3).(j>.U 

Notice that {a + l3).(t).U = {{a + (5) x 4>) .U ^ {ax (j) + (5 x ip).U ^ {5 x a + ^1 x a).U = {{5 + x a) .U = 
(1 X a).U = a.U = T. 

4-2. Subject reduction proof 

Now we are able to prove subject reduction (Theorem [IJ . 

Proof. We proceed by checking that every reduction rule preserves the type. 

Group E 

rule u + O^u. Let F h u + OiT. Then by lemma[ni 3a, /3 e S s.t. a + /3 = 1, F h u:a.T and 
F h 0:I3.T. Then, by lemmalU /3.T = 0, so T = 0, and then a.T = = T, or ;3 0, so a = 1. 

rule O.u 0. Let F h O.u: T, then by lemma ITTl 3A s.t. T = O.A = 0, and by rule ax^, F h 0: 0. 

rule l.u u. Let F h l.u:T = l.T. Then by lemma [51 F h uiT. 
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rule a.O 0. Let T h a.O .T, then by lemma [TTl 3A s.t. T = a. A, then by lemma [SI T h :A. So, 

by rule axg, A = and so T = a. A = 0. 

rule a.{(3.u) (a x /3).u. True by lemma fTSl 
rule a.(u + v) — > a.u + a. v. True by lemma [T51 

Group F 

rule a.u + /3.u {a + /3).u. True by lemma [TTl 
rule a.u + u — s> (a + l).u. Let F h a.u + u : T. Then 

r h a.u + u:r 



Fh l.(a.u + u):l.T 

Then by lemma [TBI F h l.a.u + l.u: l.T. Then by lemma[9] 

F h La.u:7.T 
F h l.u:S.T 

7 + ^ = 1 

Then by lemma [TSj F h a.u:7.T, so 

Fha.u:7.T Thl.u:S.T 

+/ 

F h a.u+ l.u: l.T 

Then by lemma [TTl T h (a + l).u: l.T = T. 

rule u + u ^ (1 + l).u. Let F h u + u:T. Then by rule sl[l], F h l.(u + u): l.T. So by lemma[16l 
F h l.u + l.u: l.T. Then by lemma [TTl T h (1 + l).u: l.T = T. 

Group A 

rule (u + v) w ^ (u w) + (v w). Let F h (u + v) w: T = l.T. Then, by lemma [51 3a, (3, U and 
T >T s.t. 

a X ^ = 1 
F h w: a.u 

F h u + v:/3.C/ ^ T' = 1./3.C/ ^ T' 

Then by lemma [SI 35 s.t. 

F h n:5.f3.U T' = {5 x (3).U T' 
F h v: (1 - 8).I3.U ^ r = ((1 - (5) X /?).[/ ^ T' 

Then 

F h u:(^ X /3).[/ ^ T' Fhw:a.f/ 

> 

F h (u w): ((5 X ^ X a).T' 

and (J X /3 X a).r' = ((5 x l).T' = 5.T', then by lemmas [3] and [S] F h (u w) : ^.T. 
In addition 

F h v: ((1 - (5) X /?).([/ ^T') Fhw:a.[/ 

^ E 

F h (v w):((l -(5) X ;3 X a).r' 

and ((l-(5)x/3xa).r' {{l-6)xl).T' = {l-5).T', then by lemmas [land [5] F h (v w): (l-^).r. 
So 

Fh(uw):(5.T Fh (v w):(l-(5).r 



F h (u w) + (v w) : T 
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rule w (u + v) ^ (w u) + (w v). Analogous to the previous case. 

rule (a.u) v ^ a.(u v). Let T h (a.u) v:T = l.T. Then by lemmaH 37,/3, [/ and T' > T s.t. 

7 X ;9 = 1 

r h v:7.C/ 
r h Q.u:/3.[/ ^ T' 

and by lemma [TTl l3.U T' = a.S.U' then by lemmad U ^ T' = U' and l3 ^ a x 5 (notice that 
Py^O because 7 x /3 = 1). So by lcmma[Sl T h u: ^ T'), so 

r h u:(5.(C/ T') rhv:7.[/ 

>E 

u w:S.-f.T' 

■ sl\a] 

r h a.(u v):a.(5.7.r' 

However, a.(5.7.T' ee (a x 5 x 7).T' = (/3 x 7).T' = l.T', so by lemmaH T h a.(u v) : l.T ee T. 
rule V (a.u) — > a.(v u). Analogous to the previous case, 
rule u 0. True by lemma [Til and rule ax-Q. 
rule u — i- 0. True by lemma and rule qXq. 

Group B 

rule (Ax t) b ^ t[b/x]. Let F h {Xx t) b:T, then by lemmaEl 3a,f3,U,T' > T s.t. 

l = ax 13 

Xx t-.p.U ^T' 
F h b:a.C/ 

As b is a base term, then by lemma fT2l a — 1 and so /3 = 1. Then by corollary [TJ T , x : U \- t : T' , 
so by lemma [lOl F h t[b/2;] : T'. Then by lemma E F h t[b/2;] : T. 

AC equivalences 

Commutativity. Let F h u + v:T. Then, by lemma |9l 363'y s.t. 




Then 



Fhv:7.T Fhu:J.r 

-+/ 



Fhv + u:T 

Associativity. Let F h (u + v) + w: T. Then, by lemmalU 36 and 7 s.t. 




Then, by lemmaH again 36' and 7' s.t. F h u:6'.T, F h v: 7'.r and (5' + 7' = 6. Then 

ri-v:7'.T rhw:7.T 



Thu:6'.T F h v + w: (7' +7).r 
h/ 

F h u + (v + w) : ((5' + 7' + 7).T = T 
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5. Strong normalisation 



The scalar type system will now be proved to have the strong normalisation property. In order to show 
this we first set up another type system, which simply 'forgets' the scalars. Hence this simpler type system 
is just a System F for Lineal, which we call A2'° (definition [5]) . In the literature surrounding not Lineal 
but its cousin, the algebraic A-calculus, one finds such a System F in [isj, which extends the simply typed 
algebraic A-calculus of [i^ - our A2''' is very similar. Secondly we prove strong normalisation for it (theorem 
2]). Thirdly we show that every term which has a type in scalar has a type in A2'° (lemma [TO]) . which entails 
strong normalisation in scalar (theorem [S]) . 

This strong normalisation proof constitutes the second main technical contribution of the paper. In case 
the reader is not interested by the technical details, he may read the strong normalisation theorem (theorem 
[5]) and skip the remaining of this section continuing directly in section [5] 

In this section we use F Ih t : T to say that it is possible to derive the type T G T(A2''') for the term t in 
the context of F by using the typing rules from A2'°. We just use h for scalar. In addition, we use Name^ 
to distinguish the names of the typing rules in A2'''. 

Definition 5. The typing rules of A2''^ are the same as System F plus the following rules: 

^ rihu:v4 Flhv:A Flht:A 

^\^0:A Flhu + v:A Flha.t:A 

In order to prove strong normalisation we extend the proof for A2. The standard method was invented by 
Tait [s^ for simply typed A-calculus and generalized to System F by Girard Our presentation follows 

sec 4.3]. The following definitions are taken from this reference - with slight modifications to handle the 
extra A2'° rules. 

The strong normalisation property entails that every term is strongly normalising, so first we define the 
set of strongly normalising terms. 

Definition 6. SN = {t G A | t is strongly normalising}. 

The notion of closure is often captured by the notion of saturated set: 

Definition 7. 

1. A subset X C SN is called saturated if 

(a) Vrt > 0, a; ti . . . t„ G AT where t^ G SN and x is any term variable; 

(b) Vn > 0, v[b/a;] ti . . . t„ G X ^ (Ax v) b ti . . . t„ G X; 

(c) t,u G a: ^ t + u G AT; 

(d) Va G 5, t G a: ^ a.t G AT; 

(e) Vi G /, Ui wi . . . w„ G a: ^ {J2'i.ei "0 . . . w„ G AT; 

(f) Vi G /, u Vi Wi . . . w„ G a: ^ u iY^iei ^i) wi . . . w„ G X; 

(g) a.(ti...t„)GX^ti...a.tfe...t„GA: (l</c<n); 

(h) G X; 

(i) Vt G SN, (0 t) G AT; 

(j) Vt,u G SN, (t 0) u G X. 

2. SAT = {a: C A I X is saturated} 

The basic idea is to prove that types correspond to saturated sets. In order to achieve this, we define 
a valuation from types to SAT (in fact, from type variables to SAT and then, we define a set in SAT by 
using such a valuation) . 

Definition 8. 

1. A valuation in SAT is a map ^: V — > SAT, where V is the set of type variables. 
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2. Given a valuation ^ in SAT one defines for every T G T(A2''^) a set {T}^ C A as follows: 



{A ^ 



where X e V 

n max-.^Y) 



Y^SAT 



Lemma 18. 



1. SN e SAT, 

2. U,T e SAT ~^T & SAT, 

3. Let {Ai}ii^j be a collection of members of SAT, f]^^j Ai £ SAT, 

4. Given a valuation £, m SAT and aT m T(A2''^), then [Tj^ e SAT. 



Proof. See appendices [Appendix~j| [Appendix K[ [Appendix L| and [Appendix M 



Just like in definition [51 we define another valuation, this time from term variables to base terms. Wc 
use it to check what happens when we change every free variable of a term for any other base term. The 
basic idea is the following: we define p, ^ 1= t : T to be the property of changing every free term variable in 
t for another term (a base term, as term variables only run over base terms) and still having the resulting 
term in the set |T]^ for any valuation ^. So, we define F 1= t : T to be the same property, when the property 
holds for every pair in T and for every valuations p and ^. 

This is formalised in the following definition (definition ^ and with this definition, we prove that if a 
term has a type in a valid context, then the property above holds (theorem [3]) , which will yield the strong 
normalisation theorem (theorem via the concept of saturated set (because saturated sets are subsets of 



Definition 9. 

• A valuation in A is a map p:V — t- At,, where V is the set of term variables and Af, = {b G 
A I b is a base term}. 

• Let p be a valuation in A. Then |t]p = t[a;i := p{xi), . . . , a;„ :— p{xn)], where the 
set of free variables in t. 

• Let p be a valuation in A and ^ a valuation in SAT. Then 

- p,^ satisfies t:T, notation p, ^ N t : T 4^ |t|p G 

- p,C N F ^ p,^ N a;:r for aU x:r in F 

- F N t : T ^ Vp, e [p, C N F ^ p, C N t : T]. 

Theorem 3 (Soundness). F Ih f: T ^ F N f: T. 

Proof. We proceed by induction on the derivation of F Ih t : T. 

Basic cases 



SN). 



1. 



T,x:A\h x:A 



Notice that if p, ^ 1= F, a; : A, then by definition p, ^ N x : A. 



2. 



F Ih 0:^ 



aa^o Then V^Vp, by the saturation of one has G 1^]^- As |0]p = 0, then 
p, ^ N : A, and so VF, F N : A. 



Inductive cases 
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r Ih Xxt:A^ B 



by the induction hypothesis, F N u: A — s- i? and T \= v. A. 
T \\- w A ^ B rihvA Assume p, ^ 1= F in order to show p, ^ 1= u w.B. Then 

— — -^E^ p,^^m:A^ B, I.e. & {A ^ B\^ = {Aj^ ^ [B]^ 

r 1^ u viB [v]p e lAj^. Then |u vj, = Hp Hp e (Bj^, so 

p,^\=uv:B. 

Assume p,£_ N F in order to show p, ^ \= Xxt:A — B. That is, 
T,x: A\\- t: B we must show (|Aa;t]p s) e fS]^ for all s G Suppose s e 

^ 1^1^, then p{x s) 1= F, z: A and hence by the induction hypothesis 
[tlp(a;:=s) e B. Since |Aa;t]p s = {{Xxt)[y := p(y)] s) -^^ t[y := 
p{y),x :— s] = |t]p(a;-=s)j it follows from the saturation of {BJ^ that 
(IAxtlps)€ [SJj. 

F Ih t:VXA 

\/E^ Assume p,^ N F in order to show p,^ N t:yl[r/X]. by the indue- 

3^ Tht:A[T/X] ^-^^ hypothesis {tjp e |VX.A]j - ' f] Uhx-.^v), hence |t]p e 

Assume p, ^ 1= F in order to show p, ^ N t : VX.A. Since X ^ 
^ F Ih t : ^ X ^ FV{T) FV{T), one also has VF G 5' AT that p, ^{X F) N F, therefore 

- V/\y £ |t]^ e |Al^(x-=y), then by the induction hypothesis 

It]p£ IVXA]^, z.e. p,^Nt:VX.A 



FlhtiVAT.A 



6. 



Suppose p, ^ N F in order to show p,^ N t + u: A. By the 
F Ih tiA F Ih u: A induction hypothesis one has F 1= t:A and F N u: A, so |t]p G 
Pl^^^^.^ M« and Hp G 1^]^. Since [t + ujp = (t + u)[x := p{x)] = 

t[x := p(2^)] + u[x :— p{x)] = |t]p + |u]p, it follows from the 

saturation of 1^1^ that |t + u]p G [A]^. 

P 1^ ^ . ^ Suppose p, ^ 1= F in order to show p, ^ N a.t : A. By the induction hypothesis 

a/^ one has F N t:^, then |t]p G {A]^. Since {a.tjp = {a.t)[x := p{x)] 



F Ih a.t:^ a.{t[x := p{x)]) = a-ltjp, it follows from the saturation of {Aj^ that {a.tjp G 



Theorem 4 (Strong normalisation for A2 ). T \^ t:T ^ t is strongly normalising. 

Proof. Suppose F Ih t : T. Then by theorem^ F N t : T. Define po{x) = x for all x and let ^ be a valuation 
in SAT. Then po, ^ N F {i.e. for all {x: A) gT, po,^ \= x: A since x G [A]^ holds because [A]^ is saturated). 
Therefore po,C ^ t:T, hence t = |t]po G [T]^ C 5iV. 

It is possible to map every type from scalar to a type in A2''^ as follows. 

Definition 10. Let (•)^ be a map from T \ {0} to T(A2''^) defined as follows. 

(a.X)" = X {a.MX.Tf = VX.T^ {a.A ^ B)^ = A" ^ 

A^ [B^ /X] VTi = T2, = 

Notation F" = {(x: T^i) | (x: T) G F} and o'' = T for whatever type T G T(A2'°). 

We prove that if it is possible to give a type to a term in scalar then it is possible to give to the term 
the mapped type in A2'°. 

Lemma 19 (Correspondence with A2'"). F h tiT ^ F*! Ih t:TK 
Proof. Let = F h t : T. We proceed by induction over n. 
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Basic cases, n = 1. 

1. T,x:Uhx:u'''' {r,x:U)^ = r\ x: U\ so hy ax-" , {T , x:U)^ \h x: . 

2. ^r^—zax-Q By axo^ rMh 0:T for any T e T(A2'''), so take 0^ =T. 

Inductive cases. In all cases, if A = we can take = T for any T G T(A2'") and it is still valid by using 
the type equivalences. 

r h u:a.{U ^ B) T\-v:l3.U By the induction hypothesis Ih u:U^ B^ and 

1- rhuvfr^x B '^r^ ^-^^^ by rule ^ E<, Ih u v:i?^ = {{a x 

1 r u v.^a X p;.^ ^^^^^^^ 

2 T,x:U\-t:A By the induction hypothesis T^x: C/^ Ih t: so by rule J"^, 
rhAxt:C/^A^'f''^ r^lhAxt:C/^^A^ = (f/^A)^. 

3 r h t : yX.B By the induction hypothesis Ih t : {^X.Bf = "iX.B^ , so by rule 

r h t : B[u/x] ^^'^ 1^ t : [c/Vx]. 

r h t • T 

4 ^ V/[X1 By the induction hypothesis rMh t : T'', so by rule V/'', T*! Ih t : VX.T^ = 

■ rhtiVXT {yx.T)K 

^ Thu:a.A T\-v.l3.A By the induction hypothesis T^h u: A'' and T^h v : so by 
rhu + v:(a + /3).A rulc+/<,rMhu + v:Ah = ((a + /3).A)^. 

Tht:A u u u . 

5 sl[a\ By the induction hypothesis Ih t: A'l, so by rule a/'', T'l Ih a.x: A' = 

rha.t:a.yl (a.A)^ 

Strong normalisation arise as a consequence of strong normalisation for A2'" and the above lemma. 
Theorem 5 (Strong normalisation). V ^ t:T ^ t is strongly normalising. 
Proof. By lemma [TOl V"^ Ih tiT'', then by theoremUl t is strong normalising. 

Theorem [5] ensures that all the typable terms have a normal form. Taking up again the previous example, 
terms like Y are simply not allowed in this typed setting, as all the terms are strong normalising. So we do 
not have infinities, and hence the intuitive reasons for having restrictions one on the factorising reduction 
rules of the Linear-algebraic calculus (c/. (*) in Subsection [2]) have now vanished. If we drop them, the 
example just becomes: 

Example. Consider some arbitrary typable, and hence normalising term t. Then a.t — a.t can be reduced 
by a factorisation rule into (a — a).t. This reduces in one step to 0, without the need to reduce t. 

It turns out that in general for typable terms we can indeed drop the restrictions (*) and (**) that were placed 
on the factorisation rules and application rules of the operational semantics of Lineal, without breaking 
the confluence of Lineal. These restrictions were there only due to the impossibility of checking for the 
normalisation property in the untyped setting. The full proof of this fact is quite lengthy and at the same 
time relatively straightforward, as it mainly consists in replacing everywhere in the original proof of the 
confluence of Lineal [3| the closed normal assumptions upon terms which arises from using (*) and (**), 
by a global normalisation assumption - and check that this works. This fact also reinforces the idea of 
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that there is a formal correspondence between normahsation in rewriting and expressions of finite norm in 
algebra. 

Having dropped restrictions (*) and (**) is an important simplification of the linear- algebraic A-calculus, 
which becomes really just an oriented version of the axioms of vector spaces Q together with a linear 
extension the /3-reduction (i.e. restriction remains of course, to that all function remain linear in their 

arguments, in the sense of linear- algebra) . 



6. Further properties 

6.1. A type system for probabilistic calculi 

By restricting our scalars to positive reals, the scalar type system can be used in order to specialize 
Lineal into a probabilistic calculus. For instance, let us consider the following type judgement, which can 
be obtained from scalar. 

f ::= Xx ^i.(true -I- false)^ ^i.true -I- ^.false^^ : ;B ^ i3; 

where B stands for \/X.X X ^ X. Notice that B has true, false, and linear combinations of them with 
scalars summing to one, as members. Hence in this example the type system provides a guarantee that 
the function conserves probabilities as summing to one. Indeed, the term can be seen as a probabilistic 
function such that, if it receives true, it returns a balanced distribution of true and false, but if it receives 
false, it returns false more frequently than it returns true. We can ask what would the result be if it receives 
^ . (true -|- false) and find that everything works as expected, with probabilities summing to one: 

/ ( i . (true -t- false) ) — ^* ^. true 4- ^. false. 
V 2 / 8 8 



To make this intuition more formal, let us define a type system with the rules and grammar of scalar, 
where the valid types are the classic ones (i.e. types exempt of any scalar) and all other types are intermediate 
types: 

Definition 11. We define the type system V for the probabilistic calculus to be the scalar type system 
with the following restrictions: 

• 5 = M+, 

• Contexts in the type system V are sets of tuples {x : C) such that C is in the set C C Z// C T of classical 
types, that is types exempt of any scalar, which we have also referred to as in Section [Sj 

• Type variables run over classical types instead of unit types, i.e. the family of \fE[X := C] rules 
accepts only C G C, 

• The final sequent is well- formed in the following sense: VC G C, any derivable sequent F h t: C is 
well-formed, even if the derivation has scalars appearing at intermediate stages. 

We define a weight function to check when a term is a probability distribution of terms: 
Definition 12. Let cj : A ^ M+ be a function defined inductively by: 

u;{O)^0 w(ti+t2) =a;(ti)+cj(t2) 

a;(b) = 1 u}{a.t) = a X uj{t) 

w(ti t2) cj(ti) X a;(t2) 

where b is a base term. 
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So, we can enunciate the following theorem that shows that every term with a well-formed typing in the 
type system V reduces to a term with weight 1: 

Theorem 6 (Terms in V have weight 1). Let F h f:C he well-formed, then = 1. 

Proof. Instead, we will prove the most general case: F h t:a.C ^ t^ltj,) — a, by structural induction 
over tj,. We take F h tj,: a.C, which is true by theorem [TJ 

We will need three intermediate results (see appendix [Appendix N| for their proofs): 

Rl: If (ti is in normal form, then ti = x or ti = x r, where r = ri r2 . . . r„. 

R2: FI-2;:T^reC 

R3: F h X r : T and a; r is in normal form, then 3C G C, a G 5 such that T = a.C. 
Basic cases. 

1. tl= 0. Then uj{tl) = 0. In addition, by lemma [T51 a — 0. 

2. t],= X. Then uj{tl) = 1. In addition, by lemma [T^ a = 1. 

3. tl=Xxt'. Analogous to m 

Inductive cases. 

1. ti^ 7.t'. Then w(t|) = l.uj{t'). By lemma fTTl 3U eU,S e S such that a.C = -/.6.U, and by 
lemma [5J a = 7 x (5 and there are two options: 

• a = 0, so there are two options: 

-7 = 0, then uj{j.t') = X a;(t') = 0, or 

— 7 7^ 0,(5 = 0, then by lemma [Sj F h t':O.U = O.C, so by the induction hypothesis 
a;(t') = 0, so w(7.t') = 7 x 0. 

• a ^ 0, then C = U, so by lemma [51 F h t' : 6.C. Then by the induction hypothesis a;(t') — 5. 
Notice that w(t|) = 7 x a;(t') ~ j x S ~ a. 

2. ti=ti+t2. Then a;(ti) = w(ti) +tj(t2). By lemma [3 Ela, G 5 such that 

F h ti-.a.C 
F h t2: (t>.C 

a + (f) — a 

Then by the induction hypothesis cj(ti) = a and w(t2) = 4>, so w(ti) + w(t2) ~ a. 

3. (ti t2). Then cj(t|) = w(ti) x a;(t2). By lemma[6l 3[/ G W, /3, 7, J G 5 such that 

F h ti:/3.C/ ^ 7.C 
F h t2:(5.L/ 

/3 X 7 X (5 = a 

As (ti t2) is in normal form, by the result Rl, ti is a variable or a variable applied to something 
else, so by R2 and R3, U — >7.CgC, so7 = l and [/ G C, then by the induction hypothesis, 
a;(ti) = (3 and w(t2) — 6, so a;(t|) = aj(ti) x a;(t2) ^(3x6^(3x^x6 — a. 

n m 

Notice that, by [3, Proposition 2], closed normal terms have form ^ ai.\xti+ ^ Ax u^. The above theorem 

t=i j=i 

n 

entails that ^ + to = 1. 
1=1 

Hence the type system V, an easy variation of the scalar type system, specializes Lineal into a probabilistic 
higher-order A-calculus. 
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Remark. It is easy to prove that 



z ■.U,w:U\- ((2. Ax Ay ^.x + ^-v) z) w.U. 

But notice that w(((2.Aa; \y j.x + j.y) z) w) = 2, even when ((2. Ax \y j.x + j.y) z) w — ^.z + ^.w. So, 
a priori this w function cannot teh us that this term will yield a probability distribution of terms (notice 
that uj of the reduced term is 1). However the fact that has type U inC, according to the previous theorem, 
anticipates this result. 

6.2. A no-cloning theorem in the logic induced by the type system 

A type system always gives rise to a logic: the logical propositions are the types; the sequents are the 
contexts plus the types; the logical rules are obtained simply by erasing the terms from the typing rules; the 
proofs are obtained simply by erasing the terms from the type derivation trees - or equivalently by applying 
the logical rules upon the logical propositions. We call scalar logic, and denote SC the logic obtained from 
scalar, as defined in Section[SJ The present Section shows that proofs in SC enjoy a no-cloning property. The 
potential significance will be discussed in Section [71 although the aware reader will recognize worries related 
to non-duplication in Linear Logic and no-cloning in quantum computation. Informally, this property states 
that SC has no fixed proof method for duplicating a proposition. 

First we need to define what me mean by proof method, and for this we need the following lemma. 

Lemma 20 (The rules of SC are deterministic). Let R be a SC rule and let Qi^Q'^, with i = 1, . . . ,n, 
be sequents. Then 

Ql,...,Qn Ql7---,Qn n A w ^ — ri'l ^ c — c' 

R A R A Vt, Q, = QA ^ S = S 

S S' J 

Hence if H is a tree with nodes labelled by names of SC logical rules, then one may think of H as a function 
from sequents to proofs, i.e. a proof method: 

Definition 13. We define recursively the concept of proof method of order n to be the set of functions H„ 
which take the following form: 

no(S) = s 

P P P 

where 

• 5 is a sequent, 

• 7r„ is a constant proof of size n, 

• max{fc, h} = n — 1, 

• i? is a logical rule, and 

• P is a sequent such that the resulting proof is well-formed. 

Notation We denote by C(H„(S')) to the conclusion (root) of the proof H„(S'). 

A no-cloning theorem can be defined in terms of proof methods, and the way they treat scalars, i.e. there 
is not a generic proof method that is able to take a sequent with a scalar in its type as argument, and then 
return a sequent where such a scalar appears more than once in the type. 

Theorem 7 (No-cloning of scalars). ^H„ such that Va, C(H„(r h a.U)) ^ A \- {S x a'' + j).V with 
(5^0 and 7 constants in S, s £ and U, V constants in lA. 

Notice that a is a member of a ring and s is a natural number, so a'^ is just the multiplication of a by 
itself s times. 

Proof. Induction over n. 
Basic case, n ~ 0. Trivial, as Ho(r h a.U) = F h a.U for all H. 
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Inductive cases. 

• n„(r h a.u) = ^ 1 R 

p 

Assume P = A h {5 x a'^ + ^).V and let us do an analysis case by case on the possible rules R: 

1. R =— s> /[VF]. Because the denominator must be unit, Va, (5 x + 7 ~ 1, which is a 
contradiction. 

2. R = \IE[X := W]. Then {5 x a" + -t).V T[X/W], and C(n„_i(r h a.C/)) = VX.T. 
By lemma HI ElZ G iY, /3 G 5 such that T = p.Z, so by lemma [21 (5 x a'* + 7 = /3, then 
C(n„_i(r h a.[/)) = = yX.(5 x a" + j).Z = ((5 X a" + -/).yX.Z, which is a 
contradiction by the induction hypothesis. 

3. i? = yi[X]. Then (5 x a" + 7).^ = VX.T. Analogous toU 

4. i? = s/[^]. Then Sxa'+j.V- (3.T. By lemma[Tl T = a.W, then by lemmaHl ^ x a" + 7 = 
/3 X a. Notice that /3 cannot depend on a as the rule is constant, so it must be a depending 
on a*, which is a contradiction by the induction hypothesis. 

• n„(r h a.U) = R 

p 

Assume P = IS.^ {6 x + ^).V and let us do an analysis case by case on the possible rules R: 

1. R =^ E. Then C(7r,0 = A h p.W and C(nfc(r h a.U)) = A h ^ cr.V^ where 
Va, /3x0xo' = (5xQ!''+7. /3 cannot depend on a, as tt/j is constant, so: 

— Assume (p depend on a, and a do not, then it depend linearly on a by the induction 
hypothesis. 

— Assume a depend on a, then there are two possibilities: 

(a) U is an arrow with the last term of the arrow being a.V ^ which is a contradiction as a 
depend on a and U is fixed. 

(b) The arrow is set up through the derivation, so at some point we must had to use — )■ / 
rule in the following way 

e,z h a.V 

> I 

Z -^aV 

so by the induction hypothesis a depends linearly on a. Once we reach this point, the 
only possibility to add something depending on a and multiplying the whole type is 
with sl[a\ as it cannot come from any other branch (all other branches are constants). 
However, it is not possible either, as all the rules must to be constants. 

2. R = +1. Then C(IlkiT h a.U)) ^ Ah a.V and C(7r,,) = A h (/>.T/ where a + (j) = S x a^ + j. 
So, as (f) is constant, a = Sxc!t^ + j — cf), which is a contradiction by the induction hypothesis. 

TT .T^u rn ""^ TlhiTha.U) 

• n„(r h a.U) = ^ R 

P 

Assume P = Ah {6 x a'^ + j).V and let us do an analysis case by case on the possible rules R: 

1. R =^ E. Then C{Tik) = A h ^ a.V and C(n,i(r h a.U)) = p.W where /3 x x ct = 
(5 X a* + 7. 

Notice that nor </> nor a can depend on a, so the only possibility is to (3 to depend on a^ , 
which is a contradiction by the induction hypothesis. 

2. R = +1. Analogous [2] of the previous case. 

We can reformulate this theorem to look more like a no-cloning theorem in the following wajH. 



^Where T (SJ T stands for the usual encoding of tuples. Formally, to allow such an encoding for general types, we need to 
add the following equivalence (a.U) T = a.{U —> T), as was discussed in Section [3] 
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Corollary 3 (No-cloning Theorem). ^n„ such that VT G T,n„(r h T) is a witness of T h T => A \- 
T®T. 

Proof. By lemma ^ 3a ^ S,U ^ U such that T = a.U, so T T = a.U ® a.U = .{U ® U) ^ 
(1 X (1 X + 0)).(C/ (g) U). Then by theorem [7] the corollary holds. 

Hence our no-cloning allows the existence of a proof method 11 such that 11 (F h T) has conclusion F h T ^ 
A h T (8) T, but it does not allow the same proof method H to accomplish this for any proposition T . 

7. Discussion, future works, prospects 

7.1. Expressiveness of probabilistic calculi 

In Subsection 16.11 we have shown how an easy variant of the scalar type system specializes Lineal into 
a higher-order probabilistic calculus, but we have hardly studied this probabilistic calculus. For instance 
we have proved that it expresses probabilistic functions, but have not identified which class of probabilistic 
functions. Some ongoing work already suggests that there are ways of widening the class of probabilistic 
functions that can be expressed by extending the scalar type system with a 'sum of types' construct {e.g. 
2.A-\- B). Hence we postpone this important discussion of expressiveness till future work on a vectorial type 
system. 

7.2. Relation with Linear Logic, no- cloning and the quantum 

In Subsection 16 . 21 we have defined SC, the logic induced by the scalar type system when we forget about 
terms. The propositions in this logic are weighted by scalars {e.g. U — s> (2/3). V^), but what is the meaning 
that one can attach to these scalars? The +1 rule suggests that we need two proofs of A present in the proof 
tree in order to prove 2. A. Hence scalars in SC seem to reflect the quantity of proofs of atomic propositions 
that are needed to prove the composite proposition. However, this 'proof counting' interpretation holds 
true only after two modifications. First, we need remove the family of rules s/[-], because it trivially 
allows us to prove 2. A from one proof of A. But this jeopardizes subject reduction (specifically in the rule 
a.U + /3.U {a + /3).u), so we need to add an alternative typing rule such as 

Fha.u:(5.T Fh/3.u:7.r 
{a + P).u:{5 + ^).T 

From this alternative rule we are able to derive sl[-] for integer scalars as a theorem, but in this process we 
would have to repeat the proofs oi A a times in order to get to a. A. Secondly, let A = a.U and consider 
the duplicator h \x2.x:yX.X 2.X, which allows: 



^ \x2.x:'iX.X ^2.X 

\JE\X := U] 

h \x2.x:U ^2.U ^t:a.U = A 

> E 

h {\x2.x) t:2.a.U = 2. A 

without needing to prove A twice. Hence the proof-counting interpretation ought to hold, but only after 
cut-elimination; i.e. the removal of all E va. the derivation tree. 

This idea of counting proofs, and hence considering them as resources, is reminiscent of bounded linear logic 
{BCC) _2dl, and more generally linear logic (CC) [19]. However these do not only count the amount of 
resources available, they also make it impossible to add new resources. In CC the context puts a definite 
limit on how many resources we can use, whereas this is not the case in SC. Since the SC 'counts proofs' 
whereas CC 'counts and limits proofs', this suggests that SC may be embedded in CC. Ongoing works 
confirm this intuition: when scalars are restricted to be integer numbers, SC can indeed be encoded as a 
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fragment of IMELL, a subset of ££ [l^. The encoding is likely to only be an abstract interpretation when 
scalars are not restricted to integers. 

Clearly SC, unlike CC, does not refrain us from duplicating resources. Yet in Subsection 16.21 we have 
been able to prove a no-cloning theorem for SC. How can we make sense of this apparent contradiction? 
Consider the copying machine \- Xxx (S> x:\IX.X X ^ X , and let A = a.U , then this machine allows: 



a.\xx®x:a>JX.X ^ (X ® X) 

\JE[X ■- U] 

\- a.Xxx ® x:a.U ^ U ®U ^t:a.U = A 

; >E 

h {a.\x X ® x) t: .{U ® U) = A ® A 

This proof tree that yields A ^ A from a single proof of A, which needs be plugged as the right branch 
of the tree. However the symbol A appears also in the right branch of the tree; hence the proof method 
that duplicates A crucially depends on A. It is on this basis that our no-cloning theorem is formulated; our 
no-cloning allows the existence of a proof method H such that H(r h T) has conclusion FhT^AhT^r, 
but it does not allow the same proof method H to work for any type. This way of phrasing no-cloning must 
probably hold in CC as well, but it is not usually contemplated. SC emphasizes this property, which we 
believe is much more in line with quantum theory than the straightforward non-duplication of resources of 
CC. Indeed, quantum theory states that it is not possible to have a universal cloning machine, but does 
allow cloning machines of specific vectors. 



7.3. Towards a quantum physical logic from Curry- Howard? 

The original motivation behind Lineal was to seek to capture the underlying structures behind Quantum 
Computation. This was achieved to some extent, since any quantum algorithm can be expressed in Lineal 
[1]. But to some extent this has not yet been achieved, because in the untyped calculus one can express 
non-unitary, and hence non-physical linear operators. The problem of finding a type system that specializes 
Lineal into a quantum programming language is a subject for future works. Nevertheless it is clear that 
this problem is very much alike the one of checking for preservation of probabilities, and hence the type 
system given here is certainly a contribution in that direction. Hence from this perspective, our paper can 
be viewed as part of a larger trend [32|, |37, [2l| towards developing quantum programming 

languages 17 , [s^] ■ Of course one of the purposes of such quantum programming languages would be to 
express quantum programs in an elegant manner, but we believe that this is not a good enough reason - as 
not many quantum algorithms are known. A more important reason in our view is to provide a theoretical 
framework, i.e. a common and formal language, for reasoning and proving properties about these quantum 
algorithms and quantum information processing applications in general. 

Indeed, on the one hand there is this clear need for a logic that could aid us in isolating the reasoning behind 
some quantum algorithms; i.e. that would provide a tool to explore whether or not there is some typically 
'quantum piece of thinking' behind some algorithms such as Grover's [23| and Shor's (33| - which remain 
somewhat unintuitive. On the other hand it is clear also that classical computer science has now got a long 
experience of expressing the reasoning behind a program via several formally-defined logics, and that often 
these logics arise via the study of type systems for the programming language - through what has become 
known as the Curry-Howard isomorphism [sj] . Hence, rather than coming up with some ad hoc logics that 
would only reflect our current lack of understanding of the deep nature of quantum information (which is 
how many authors feel about 'quantum logic' 0), we would like to get to such a logic progressively and 
legitimately, from the study of the type system of a quantum programming language. In other words, this 
long-term program could be summarized as follows: we have programming languages, we know that the 
Curry-Howard correspondence builds logics from typed programming languages, so what non-trivial logic 
can it yield if applied to quantum programming languages? At the moment we have scalars within the 
types, and we have managed to give a statement of the no-cloning theorem solely in terms of types (see 
section |6]), which is promising. In the future we may have sums within types, and hence a vector space 
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of types hopefully reflecting more of the properties of quantum information. Though there may be other 
routes for fine-graining our type systems and capturing such properties, as was illustrated for quantifying 
entanglement by 23, 2^. 



7.-^. The model-oriented approach 

In the denotational semantics approach to typed calculi, terms are understood as functions, and types 
are understood as sets of functions, over a well-known mathematical space. This understanding provides 
an alternative path to new type system design: one can start by thinking of sets of functions that need 
to be characterized, and then work out a type system that accomplishes the job. Arguably this path can 
lead to less syntactic, more meaningful proofs of the properties of the type system, sustained by our guiding 
intuition of the underlying mathematical space. On the other hand, the complexity of the proofs in this 
paper is largely due to the large number of rules (16 rules plus associativity and commutativity of -|-), a 
difficulty which seems hard to circumvent. Moreover the issue of models of (Linear-) Algebraic A-calculus is 
a challenging, active topic of current research. We know of the categorical model of simply typed Lineal (ssj . 



and the finiteness space model of simply typed Algebraic A-calculus [1J,|36|. Whilst revising this paper, a 
syntactic finite space model System F algebraic A-calculus has been developed in [l^ ■ Hence known models 
are intricate and tend not to cover the set of terms under consideration in this paper. Notice also that since 
the models of untyped A-calculus are uncountable vector spaces, the models of (Linear-) Algebraic A-calculus 
are likely to be uncountable vector space. These are fascinating, open questions. 



8. Summary of contributions 

In summary, we have defined a System F -like type system for an extension of Lineal, a A-calculus 
which allows making arbitrary linear combinations of A-calculus terms a.t + /3.u. This Scalar type system 
is fine-gained in that it keeps track of the 'amount of a type', i.e. the type of terms contain a scalar which 
is the sum of the amplitudes of the terms which contribute to this type. 
Our main technical contributions were: 

• A proof of the subject reduction property of this scalar type system (theorem [T]) . This came out after 
having proven a set of lemmas related to the equivalence relation intrinsic to the types, and another set 
of lemmas explaining how the scalars within the types are related to the scalars within the terms. Once 
all of the important properties were known, we were able to use them to decompose and recompose 
any term before and after applying a reduction rule, so as to show that every reduction rule preserves 
the types. 

• A proof of the strong normalisation property of this scalar type system (theorem [5]). The technique 
used to prove the strong normalisation property was by proving that such property would hold for a 
simpler system, and then to show the correspondence between the two systems. As a direct consequence 
of this property, some restrictions were lifted in the reduction rules, allowing the factorisation not only 
of closed normal terms but also of strong normalising terms - which is the case of all the typable terms. 

In the discussion we derived two other important results: 

• We have explained and demonstrated that the scalar type system can readily be made into a type 
system for probabilistic calculi, which specializes the calculus so that the functions thereby defined are 
guaranteed to be acceptable probabilistic functions. 

• We have begun to look at the logic induced by this scalar type system and formulated a no-cloning 
theorem (corollary [3]) solely in terms of proof methods in that logic. 

We have discussed the potential impact and follow-up to these contributions in Section [T] 
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Appendices 

Appendix A. Proof of lemma [1] 

Let /i(-) : T — > No be a map defined inductively by 

fM{x) = /i(vxr) = i + fi{T) 
niu^T) = ^J.{a.r) = i + /^(r) 

m(o) - 

Then we proceed by induction over fJ.{T). 
Basic cases. Let /i(T) = 0. Then 

1. T = X, then T eU a.ndT= l.T. 

2. T = U ^ A, then T eU andT = l.T. 

3. T = 0, tlicn yU eU,T = O.U. 

Inductive cases. Let ^i{T) = n and assume the lemma is valid for all A with ij.{A) < n. Then, the possible 
cases are 

1. T = \/X.A, then ii{A) = n — 1, and so by the induction hypothesis 3U G U s,t, A = U oi A = a.U, 
then T EE yX.U £ W or T = WX.a.U = a.yX.U. 

2. T = a. A, then ^J,{A) — n — 1, and so by the induction hypothesis 3U G U s,t, A = U oi A = (3.U, 
then T = a.U or T = a.jS.U = (a x P).U. 

Appendix B. Proof of lemma [2] 

Following lA grammar, neither U nor U' could contain scalars in this head form but only in the right side 
of a type — > T. However, no equivalence rule lets it come out from the right of the arrow and get to the 
head-form, so if a.U = /3.U' that means a = (3 = 0oiU = U' and a = /3. 

Appendix C. Proof of lemma [3] 

T > T', then assume T = Ri > ■ ■ ■ > Rn = T' . Then Vi one has Ri > Ri+i. So, the possible cases are: 

• Ri+i = yX.Ri, then a.Ri > \fX.a.Ri = a.yX.Ri = a.Ri^i. 

• R, = VX.C and = C[U/X], then a.i?, = a.VX.C = VX.a.C > {a.C)[U/X] = a.{C[U/X]) = 
a.Ri+i. 
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Appendix D. Proof of lemma [4] 

A map (•)° is defined by 

X° {A^B)° ^A^B {yX.A)° = A° {a.A)° = a.A° (0)° = 

We need two intermediate results. 

1. Given T, U, 3V / {T[U/X])° = T°[V/X] 

2. T > R=^3U,X / R° = T°[U/X] 

Proofs 

1. Structural induction on T 

T = X, then {X[U/X])° ^ U° = X[U°/X] = X°[U°/X]. 
T = Y, then {Y[U/X])° = Y = Y°[U/X]. 

T = A ^ B, then {{A B)[U / X])° = {A[U / X] B[U / X])° = A[U/X] B[U/X] = {A ^ 
B)[U/X] = (A ^ B)°[U/X]. 

T = MY.r, then {{^Y.T')[U / X])° = {\1Y.T'[U / X])° ^ (r'[[//A])°, which is, by the induction hy- 
pothesis, equivalent to T'°[V/X] = {W.T')°[V/X]. 

T = 0, analogous to T = F. 

T = a.T', then {a.T'[U/X])° = a.(T'[U/ X])° , which is, by the induction hypothesis, equivalent to 
a.{T'°)[V/X] = iia.Tr)[V/X]. 

2. It suffices to show this for T > R. 

Case I. R = MX.T. Then R° = T°. 

Case 2. T = \/X.S and R = S[U/X] then by the intermediate result [Done has R° = S°[U/X] = 
T°[U/X]. 

Proof of the lemma. U T = {U ^ T)°, by the intermediate result [H one has this equivalent to 

(V ^ R)°[U/X] = {V R)[u/x]. 

Appendix E. Proof of lemma IIOI Item 1 

Let S*,! = r h u: T. Induction over n. 
Basic cases, n — 0. 

Notice that {r,x:V)[U/X] = T[U/Xlx: V[U/X], then by ax rule, 

1- T,x:Vhx:V (T,x:V)[U/X]^ x:V[U/X]. 

Notice that = 0[[//X], then by axg, r[t//X] h 0:0[[//X]. 

rhO:0 ° 

Inductive cases. 

T h u:a.{V ^T) Thvi^.F by the ind. hypothesis T[U/X] h u: {a.{V 
1. Th (uv)-(ax B)T ^ T))[U/X]. However, notice that {a.{V T))[U / X] = 

a.V[UlX]^T[U/X]. 
T[U/X] h u: {p.V)[U/X], however, {fi.V)[U/X] = p.V[U/X], so 

T[UIX] h \i:a.V[U/X] T[U / X] T[U / X] h u: p.V[U/X] 

> E 

T[U/X] h (u v) : (a X I3).T[U/X] 

Notice that (a x fi).T[U/X] = {{a x I3).T)[U/X\. 
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r x-V\-t-T by the induction hypothesis (r,a;: V^)[C//X] h t:r[J7/X]. 

■ /[y] Notice that (r,2;:V^)[C//X] = r[C//X],a;:y[C//X], then 



Xxt:V 



r h u-.yy.T 



r\U/X] , X : V[U/X] h t : T\U/X] 

— —— —— ^ i\v[u/x]] 

r[U/X]^ \xt:V[U/X]^T[U/X] 
Notice that V[U/X] T[U/X] = {V ^ T)[U/X]. 

rhu-Vr.T induction hypothesis T[U/X] h u: {VY.T)[U/X] where X ^ 

— '. V£; r and r ^ FV{u). Then {WY.T)[U/X] = WY.T[U/Xl and so by 

3. r h u:T[V/Y] using rule, T[U/X] h u: {T[U/X])[W/Y]. As F ^ i^V^CC^), then 

(T[t//X])[iy/y] = T[U/X,W/Y]. 

Take = V[U/X], then T[t//X, Vl^/y] = {T[V/Y])[U/ X]. 

Take Z ^ X s.t Z does not appear in F, T, f7. by the induction hypothesis 
r h u:r r[Z/r] h u:r[Z/r], but as r ^ FV{T), we can just write T h u:T[Z/y]. 

: V/ by the induction hypothesis again T[U/X] h u: {T[Z/Y])[U/ X]. As Z does 
not appear in F not U, Z does not appear in T[U /X] . Then by using V/ rule, 
T[U/X] h u:yZ.{{B[Z/Y])[U/X]). Notice that yZ.{{B[Z/Y])[U/X]) = 
(yZ.B[Z/Y])[U/X] ^ {\IY.B)[UIX]. 

Tht:T |_|y ^Yie induction hypothesis T[U / X]:t:T[U / X], then by using sl[a\ 

rha.t:a.r^ rule, r[J7/A] : a.t : a.T[C//X]. Notice that a.r[?7/A] = (a.T)[C//X]. 

by the induction hypothesis r[[//X] h u: {a.A)\[J / X] and 
rhu:a.A rhv:/3.A r[[//X] h v: (/3.A)[t//X]. And notice that (a.^)[;7/X] = 
6- rhu + v(a + /3) A and = /?.A[C//X]. So, by rule +/, 

V[U/X] h u+v: {a^P).A[U/X]. Notice that (a+/3).A[[//A] = 
{{a + p).A)[U/X]. 

Appendix F. Proof of lemma IIOI Item 2 

Let Sn — T^x:U \- t:T. Induction over n. 
Basic cases, n — 0. 

1- 77Z 77 Notice that x\h/x] = b, so T h b : C/. 

L ,x: U b x: U l/j 

^- r,y:F,x:[/ h?/:y "'^ Notice that y[b/a;] = so T, y : y h y[h/x] : ^ by rule ax. 
3. p a;- f/ h O-O Notice that 0[b/a;] = 0, so T h 0[b/a::] : by rule ax^. 



Inductive cases. 

T,x:Uhu:a.{V ^T) T,x:U h ^.V 



by the induction hypothesis T h 
^[b/x]: a.{V T) and T h 



1- r,x:[/h (u v):(a X ^).r v[b/a;] : /3.y, so using rule ^ E, 

r h (u[b/2;] v[b/2;]):(a x /3).T. Notice 
that (u[b/a;] v[b/x]) (u v)[b/a;]. 

r X' U ^ t' T Notice that the conclusion on this derivation does not match with 

^ ' ' ' I\U\ hypothesis, as x is not in the context. So, the only way to use 



T \- \xt:U — ?> T this lemma ending with a I[U] rule is as in the following case. 
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T yV X' U \- t'T tiy the induction hypothesis T,y:V h t[h/x] : T, then by rule 

^' ^ ' / x\ t/ rr. ^ ^[^] ^ ^[^]' r K Ay (t[b/x]) : y -> r. Notice that Xy {t[h/x]) = 
T,x:Uh\yt:V^T (Ayt)[b/a;]. 

A r a; • t/ h u • yX T ^ly the induction hypothesis T h u[b/a::] : \IX.T , then by rule VS, 

T,x:U^vi:T[V/X] ^ ' ^ ^ ' ^ 

T,x:UV' u:T 

^' r x-U\-u-\/XT ^^"^ induction hypothesis F h u[b/a;]:T, then by rule V/, F h 

u[b/a;]:VX.T. 

' ' ' . s/[q;1 by the induction hypothesis F h t[b/a;]:T, then by rule s/[a], 



T,x:U \- a.t:a.T F h a.(t[b/x]) : a.T. Notice that a. (t[b/a:]) = (Q;.t)[b/a;]. 

7 T,x:Uhu:a.A F, .t : [/ h v : by the induction hypothesis F h u[b/x] : a A 

_1 ] ^/v[b/x] : p. A, so by rule +/, F h u[b/a;]+v[b/a;] : {a + 

F,a;:t7hu + v:(a + /3).A pyA. Notice that u[h/x] + v[h/x] = (u + v)[b/x]. 

Appendix G. Proof of lemma [T2l 

Let S*,! = F h b : T. Induction over n 

Basic case, n = 0. 

ax with U eU 

T,x:Uhx:U 

Inductive cases. The possible cases are 

r,x:Uht:B 

1. ^ I\U] with U eU As U eU, then U ^ B eU. 

Xxt:U ^ B 

F h b:VXS 

V-B by the induction hypothesis VX.B eU,aoB eU and then S[C//X] e U. 



F h b:S[C//X] 
F h t:B 



Tht-.yx.B 



■ V/ by the induction hypothesis B so WX.B e U. 



Appendix H. Proof of lemma [T3l 

Let S*,! = F h : T. We proceed by induction over n 

Basic case, n ~ 0. 

= axjT 

FhO:0 

Inductive cases. 

FhO:VXr 

1 \/E Then by the induction hypothesis \/X.T = 0, so T = and also 

T^O:T[U/X] T[U/X]^0. 

FhO:T 

2. V/ Then by the induction hypothesis T = 0, so VX.T = 0. 

F h : yX.T 
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Appendix I. Proof of corollary [2] 

Assume T h t : T, then by lemma [H T = a.U. As T h t : = O.U, then by theorem H a = 0. 

Appendix J. Proof of lemma [T8l Item 1 

Let SN C SN, we need to prove it satisfies each point of the definition of saturation. 

1. a; ti . . .t„ e SN. 

2. Assume v[b/a;] ti . . .t„ G SN, then the term 

(Axv) b ti . . .t„ (J.l) 

must terminate because v,b,ti, . . . ,t„ terminate since these terms are SN by assumption (v[b/a;] is 
a sub-term of a term in SN, hence itself is SN; but then v is SN), After finitely many steps reducing 
terms in lJ.ll we obtain {Xx v') b' t'l . . . t'^ with v — v', etc. Then the contraction of (Ax v') b' t'l . . . 
gives 

v'[b7x]t',...t; (J.2) 

This is a reduct of v[b/a;] ti . . .t„ and since this term is SN, also IJ.2l and the term (Xxv) b ti . . .t„ 
are SN. 

3. t, u G SN, then t + u e SN. 

4. t e SN, then Va G S, a.t £ SN and vice- versa. 

5. Vi e /, Ui w 6 SN, then {J2iei^i) which is the sum of SN terms, so by [31 
J2iei(^i Assume {J2iei^i) '^o* SN. Since V«,Ui w are SN, then Vi, are SN, so 
by El J2iei "^^^ ^'^^ ^ ~ (SiG/ ^- proceed by structural induction on v to show the 
contradiction: 

(a) V = X, then bylUa; w is SN, which is a contradiction. 

(b) V ~ Xxv', then v'[wi/x] cannot be SN (in other case, byj^l v w would be SN). Notice that 
if J2iei ^* ^ with V being a base term, then there are some i such that u,; — >■* aj.v with 

ai = 1, others (may be zero) i such that — >■* and others which form two sets of the same 
size (possibly 0), one going to /3.t and the other going to — /3.t. However, by the first group, 
those Ui going to a^.v, we can see that a^.v w is SN, so by [7] and El v w is SN, which is a 
contradiction. 

(c) V = vi V2. Then we can take V2 as part of w and use the induction hypothesis. 

(d) V = 0, then it is a contradiction by item [HI 

(e) V = Vi -I-V2. Since this term is in normal form, the only possibility for the reduction is (vi w) -|- 
(vi w), which is the sum of two terms that, by the induction hypothesis, must be SN, so the 
whole term is SN. 

(f) V = a.v'. Since this term is in normal form, the only possibility for the reduction is a.(v' w), 
which is SN by the induction hypothesis and [H 

6. Wi e I, u Wi wi . . . Wn £ SN, then u (X^ie/ ^0 vfi... w„ J2iei('^ Vi wi . . . Wn) which is the 
sum of SN terms. This case is analogous to |S1 

7. a.(ti . . . t„) G SN then Vfc, ti . . . a.tk . . . t„ must terminate because ti, . . . , t„ terminate since these 
terms are SN by assumption, so after infinitely many reduction steps reducing ti . . .a.tk . . .t„ we 
obtain a.u, with ti...t„ u. So a.u is a reduct of a.(ti...t„) and since this term is SN, 
\fk, ti . . . a.tk . . . t„ are SN. 

8. OeSN. ^ 

9. t t' and since t is SN, assume t' is in normal form, so t' — 0, then t e SN. 

10. t u t' u', as t, u are in SN, assume t', u' are in normal form, then t' u' — ;> u' — 0, so it 
is in SN. 
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Appendix K. Proof of lemma [T8l Item 2 



Let U,T e SAT, then x e U by definition of saturated sets. Then FeU^T^FxeT, as Te SAT, 
then T C SN, so F x G SN and so F is strong normahsing. 
.-. U ^T C SN. 

Now we need to show [/ — s> T is saturated by showing each point at the definition of saturated sets. 

1. Let t G SN, we need to show that x t E U ^ T, i.e. Vb G ?7, x t s G T, which is true since U G SN, 
so b G SN and T is saturated, then a; t s G T. 

2. Let v[b/2;] t e U ^ T, then Vs G U, v[b/a;] t s G T and since T is saturated, (Ax v) b t s G T, so 
(Axv) b t G C/ ^ T. 

3. Let t,uGf/— s>r^VsG?7, tsGT and u s G T, then by item (e) on the definition of saturation, 
(t + u) s G T, so t + u G ?7 ^ T. 

4. Let t eU ^ T then Vs G C/, t s G T, then by the saturation of T, Va G 5, a.(t s) G T, then by item 
(g) on the definition of saturation, a.t s G T, so a.t G U ^ T. 

Let a.t G U ^ T, then Vs G U, a.t s G T, so by item (g) on the definition of saturation, a.(t s) G T, 
so by saturation of T, t s G T, so t G [/ ^ T. 

5. Let Vi G /, Ui w G [/ — > T, then Vs G C/, w s G T, then by the saturation of T, (X^ie/ '^i) w s G T, 
so w G (7 ^ T. 

6. Let Vz G /, u Vi wi . . . w„ G [/ — ?> T, Vs G C/, u v,; Wi . . . w„ s G T, then by saturation of T, 
u iJ2iei Vi) wi . . . w„ s G T, so u {Y,iei Vi) wi . . . w„ G C/ -> T. 

7. Let a.(ti...t„) e U ^ T, then Vs G C/, (a.(ti . . . t„)) s G T, then by the saturation of T, 
a.((ti...t„) s) G T, and so, by the saturation of T again, Vfc,ti ... a.tk . . . t„ s G T, then 
Vfc,ti . . . a.tk ... tn€U -)-T. 

Let ti ... a.tk ... t„ G f/ — !■ T, then Vs G [/, ti ... a.tk . . . t„ s G T, so a.(ti . . . t„ s) G T and 
then a.(ti . . . t„) s G T, then a.(ti . . . t„) eU ^T. 

8. By saturation of T, Vs G C/, s G T, then G f/ -> T. 

9. Let t G SN, then Vs G C/, t s G 57V, then by saturation of T, t s G T, so t G ?7 ^ T. 

10. Let t, u G SN, then Vs G C/, u s G S'/V, so by the saturation of T, t u s G T, then t u e U ^ T. 

Appendix L. Proof of lemma [TSl Item 3 

Let {Ai}i^j be a coUection of members of SAT, then Vi G /, C SN, so flie/ ^ SN. 
We have to show that Hie/ is saturated. 

1. Vi G /, Vn > 0, X ti . . . tn € Ai where t^ G SN and x is any term variable, then x ti . . . t„ G Hie/ 

2. Vn > 0, let v[b/x] ti . . . t„ G Hie/ then Vi G /, v[b/x] ti . . . t„ G Ai, so Vi G /, (Axv) b ti . . . t„ G 
Ai and then (Axv) b ti . . . t„ G Hie/ ^i- 

3. Let t, u G Hie/ then Vi G /, t, u G so Vi G /, t + u G A; and then t + u G Hie/ ^i- 

4. t G Hiei^i ^ Vi G /,t G Ai ^ Va G 5,Vi G /, a.t G A^ ^ Va G 5, a.t G flie/^i- 

5. Vj G J, w G flie/ Aj ^ Vi G /, Vj G J, w G A^ Vi G /, (Eje/ "j) w G Aj (EjeJ "j) ^ G 

6. Vj G J, u Vj w G riie/^i Vi G /,Vj G J, u v^ G A^ ^ Vi G /u (Ejgj'^j) w G A^ =^ 

7. a.(ti . . .t„) G Htei^i ^ Vi G /,a.(ti . . .t„) G A,; ^ Vi G /,ti . . . a.tfc . . . t„ G Ai with (1 < fc < 
n) 4^ ti . . .a.tfe . . .t„ G flie/ Ai. 

8. Vi G /, G Aj, then G flie/ 

9. Vi G /, Vt G 5iV, (0 t) G A„ so (0 t) G f]^^j A,. 

10. Vi G /, Vt, u G SN, (t 0) u G A,, then (t 0) u G fljG/ 
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Appendix M. Proof of lemma [T8l Item 4 

By structural induction on T . 
T := X. Then [T]^ ^ i{X) e SAT. 

T -.^ B. Then {T\^ = {A\(^ by the induction hypothesis 1^]^, {B}^ e SAT, then by lemma 

[112), {A}^ ^ IB\^ e SAT. 

T -.^ yX.r. Then {T}^ = f] {T\(X:=y)- by the induction hypothesis Vy G SAT, IT\(^X:=Y) e S'AT, 
then by lemmafUS), f] I'r'l5(jf:=i') e S'^T. 

YGSAT 

Appendix N. Proofs of intermediate results in the proof of theorem [6] 

Rl: Structural induction on ti. 

Basic cases. 

1. ti = X. Done. 

2. ti ~ Axu, then ti t2 — > u[t2/a;], which is a contradiction. 

3. ti = 0, then ti t2 — i- 0, which is a contradiction. 

Inductive cases. 

1. ti = a.xi, then ti t2 — > q;.(u t2), which is a contradiction. 

2. ti = u + V, then ti t2 — ?> (u t2) + (v t2), which is a contradiction. 

3. ti = (u v), then by the induction hypothesis there are two options: 

(a) u = a:, so u V = a; r where f = v, or 

(b) u = x f , so u V = a; s, where s = r v. 

R2: Let S'„ = F h a; : T. Induction over n. 

Basic case, n ~ Q. 

ax 

T,x:T \- x:T 

Then T G C, as contexts have only classic types in the type system V. 

Inductive cases. 

Thx: yX.T 

1. \/E\X := CI Then by the induction hypothesis VX.T G C, so T £ C and then 

Thx:T[C/X] 

T[C/X] G C. 
r h x:T 

2. V/ Then by the induction hypothesis T G C, so VX.T G C. 

r h a; : \fX.T 

R3: Let 5„ = F h a; r : T. Induction over n. 

Basic case, n ~ 1. Notice that f cannot be 0, as (a; 0) — s> 0. So, the only possibility is 

ax ax 

T,x:U ^T,y:U h x:U -^T T,x:U T,y:U h y.U 

> E 

T,x:U ^ T,y:UV- x y.T 

Then, by R2, [/ ^ T G C, so T G C. 
Inductive cases. Notice that x r — (((x ri) r2) . . .r„) 
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Th {xr):a.{U ^T) Tht:^.U 

I > i^Then by the induction hypothesis, U T gC, 

rh(a;r)t:(ax/3).T so T e C and T = l.T. 

rha; r:VXr 

Vi? Then by the induction hypothesis 3D GC,a € S such that \/X.T = 



2. xr:T[C/X] ^j)^ so 3E & C s.t. T = a.E, then T[C/X] = {a.E)[C/X] 

a.E[C/X]. Notice that E[C/X] G C. 

r h .r f : r 

3 V/ Then by the induction hypothesis 3C G C, a G 5 s.t. T = a.C, so 

r h a; r : VX.T yX.T = VX.a.C = a.VX.C. 
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